Fedora 39 : ruby (2024-31cac8b8ec)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-31cac8b8ec advisory. Upgrade to Ruby 3.2.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
CVE-2023-6214
CVE-2023-6214 (HT Mega – Absolute Addons For Elementor) affects the WordPress plugin HT Mega up to version 2.4.6. The root issue is a data exposure in the purchased_products function, allowing unauthenticated access to the previous 7 days of order data and customer PII. The vulnerability is categ...
CVE-2024-3717 Drag and Drop Multiple File Upload – Contact Form 7 <= 1.3.7.7 - Sensitive Information Exposure
The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.7.7 via the '/wp-content/uploads/wpdndcf7uploads/wpcf7-files' directory. This makes it possible for unauthenticated attackers to...
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : FreeRDP vulnerabilities (USN-6749-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6749-1 advisory. It was discovered that FreeRDP incorrectly handled certain context resets. If a user were tricked into connecting to a malicious...
IBM Aspera Faspex Log Message Disclosure Vulnerability
IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines (IBM). A log information disclosure vulnerability exists in IBM Aspera Faspex, which can be exploited by an attacker to obtain sensitive information...
Arbitrary memory address read vulnerability with Regex search
If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. We recommend updating Ruby to version 3.3.1 or later. In order to ensure compatibility with older Ruby...
PT-2024-24196 · Unknown · F-Logic Datacube3
Name of the Vulnerable Software and Affected Versions: f-logic datacube3 version 1.0 Description: A SQL injection issue allows a remote attacker to obtain sensitive information via the req id parameter. This enables the attacker to potentially extract or modify data without proper authorization...
$400 Bounty Awarded for SQL Injection Vulnerability Patched in WP Activity Log Premium WordPress Plugin
🎉 Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 24th, 2024, during our second Bug Bounty Extravaganza...
Exploit for SQL Injection in Wpdirectorykit Wp_Directory_Kit
CVE-2024-3217-POC Mitre Description The WP Directory Kit...
CVE-2024-2966
CVE-2024-2966 affects the Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) WordPress plugin. The issue is Sensitive Information Exposure via the element_pack_ajax_search function in all versions up to 5.5.6, allowing unauthenticated attackers...
CVE-2024-0952
The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to time-based SQL Injection via the id parameter in all versions up to, and including, 1.12.9 due to insufficient escaping on the user supplied parameter and lack of...
CVE-2023-6967
The Pods – Custom Content Types and Fields plugin for WordPress is vulnerable to SQL Injection via shortcode in all versions up to, and including, 3.0.10 with the exception of 2.7.31.2, 2.8.23.2, 2.9.19.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparati...
CVE-2024-3097
CVE-2024-3097 — NextGEN Gallery (WordPress)
EUVD-2024-31702
The WordPress Gallery Plugin – NextGEN Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getitem function in versions up to, and including, 3.59. This makes it possible for unauthenticated attackers to extract sensitive data includi...
PT-2024-15053 · WordPress · Beaver Themer
Name of the Vulnerable Software and Affected Versions: Beaver Themer plugin for WordPress versions up to, and including, 1.4.9 Description: The issue allows authenticated attackers with contributor access and above to extract sensitive data, including arbitrary user meta values, via the 'wpbb'...
WordPress Plugin Avada Security Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP; it supports setting up personal blog sites on servers running PHP and MySQL. A WordPress plugin is an application extension for the platform. A security...
Open Source Medicine Ordering System v1.0 - SQLi
Exploit Title : Open Source Medicine Ordering System v1.0 - SQLi Author : Onur Karasalihoğlu Date : 27/02/2024 Sample Usage % python3 omossqliexploit.py https://target.com Available Databases: 1. informationschema 2. omosdb Please select a database to use enter number: 2 You selected: omosdb...
CVE-2024-2879
The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the lsgetpopupmarkup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated...
WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.12.9 - Authenticated (Subscriber+) SQL Injection
Description The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to union-based SQL Injection via the 'email' parameter in all versions up to, and including, 1.12.9 due to insufficient escaping on the user supplied...
PT-2024-15685 · WordPress · Wp Erp
Name of the Vulnerable Software and Affected Versions: The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress versions up to, and including, 1.12.9 Description: The issue is related to union-based SQL Injection via the email parameter...